Odrive blocked by Palo Alto SSL-Decryption

Hi odrive community.

Having issues getting odrive to work on my corporate network, but only in the offices in which Palo Alto SSL-Decryption is enabled on our firewalls. I think this is the same scenario as this topic: 6367 Unable to Sync .Cloudf - Please check your network connection

Hoping someone here may know the URL’s accessed when attempting to sync to OneDrive and ProCore so I can exclude SSL decryption to those addresses.

Thank you.

Hi @victor.foggon,
Can you send a quick diagnostic from a client that runs into a connection issue? I just want to verify the error being seen: How do I send a diagnostic?

It may also be visible in the sync logs (accessed from the top of the odrive tray menu under “Ready to sync new changes/Syncing changes”->“Open sync activity log”.

For Procore URLs:
https://login.procore.com (Auth)
https://api.procore.com (General API requests)
https://storage.procore.com (Initiating downloads)
https://s3.amazonaws.com (Performing downloads and uploads)

For OneDrive, are you using Sharepoint, OneDrive for Business, or standard OneDrive

Hi Tony,

Thanks for getting back to me so quickly! My end user is trying it with his standard personal OneDrive account currently, testing the odrive platform before we commence a project that will utilize Procore. I’m using Google Drive for my tests.

Unfortunately when attempting to send a Diagnostic I get the following error message: There was an error sending the diagnostic report: caused by SSLError([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed

I have also found an old comment of yours in a different thread that suggests opening odrive with a powershell command that will also display some error information, here is the command for reference and output. Seems like the same error.

powershell -command “&{$bin=$(ls “$HOME.odrive\bin” | sort Name -desc | select -f 1).FullName; Start-Process “$($bin)\odriveapp.exe”;}”


odriveNetworkException: code o_NETWORK_DOWN - [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed

Apologies I forgot the System Tray, it looks as though it’s not making it through the sign in section and so I have limited options.


Thanks @victor.foggon!

It definitely looks like something is interfering with SSL.

As a test I would try adding these URLs to your exclusion list and see if you can get odrive working:


Google Drive:

If so, I can take a look at the OneDrive endpoints too.

Hi Tony,

odrive is now opening successfully and giving me more system tray options, as well as an odrive sync folder.

My end user and I are still getting SSL errors when attempting to access anything in the sync folder, could you please check out the required endpoint URL’s for Google Drive?

We don’t yet have access to Procore, and I’m apprehensive about messing with my network config for onedrive as most of the company uses it, so going to get my user to do his testing on Google Drive.

Thanks so much for your assistance so far, you’ve been fantastic!

1 Like

Hey @victor.foggon,
No problem! I’m glad to help.

Try these for Google Drive:

Blast, I was just missing the googleapis address.

Looks like we’re all good! Google Drive is successfully syncing my files and my user should be able to perform his testing.

Thanks again for your assistance Tony, I’ll post in this thread again if we run into issues with Procore but I think we should be good to go.

1 Like

Great @victor.foggon!

We would also be very interested to hear how odrive is being utilized with respect to Procore and what we can do to make it even better. Feel free to reach out to us at product@odrive.com with any feedback you or your team may have.

Hi odrive community,

Back again 3 months later with the same problem. My end users have finally begun to actually use odrive with Procore and are getting some sync issues when connecting through my corporate Palo Alto firewall.

As before this appears to be related to SSL Decryption, with the following error present in the Sync Activity Log:

10 May 12:41:43PM ERROR Failed Download for FILEPATH.cloud Error: code PROCORE_NETWORK_DOWN - [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed

Different from the previous case, this time around I am able to sync and open Folders from Procore. It’s only when I attempt to sync a file that I get an ‘Unable to sync’ popup and the above recorded in the log.

Would you happen to know if the Procore URL’s used in this process have changed since a few months ago?

Thanks for any assistance.

Hi @victor.foggon ,
The Procore uploads and download URLs are dynamically generated by Procore, so it is tough to say exactly what the URL would be. It is likely an Amazon S3 domain.

In my tests the domain has always been s3.amazonaws.com. However, this is the domain for the us-east-1 region. It is possible that they are using different regions depending on the Procore account. In which case it could be something like s3.us-west-1.amazonaws.com or s3.ap-southeast-2.amazonaws.com

It is not ideal, but as a test, could you try allowing *.procore.com and *.amazonaws.com and seeing if that allows the transfers to go through?

Hi Tony!

Thanks for the assistance, I had previously whitelisted the URL’s as wildcards. Turns out I needed to also add the URL’s to a second location on my firewall which I was previously unaware of.

Massively appreciate the quick reply, hope you’ve been well. :slight_smile:

1 Like